GnuTLS Version 2.0.0 Released

Version 2.0.0 of the GnuTLS security database improves access to X.509 certificates and adds RSA with SHA-256/384/512 certificates to the crop of supported crypto approaches.

The database is now easier to deploy on platforms such as Windows and MacOS X, and comes with an extended manual

The security library implements the TLS standard RFC 2246 (Transport Layer Security) which is used by many applications for certificate-based encryption. Typical applications include secure website (HTTPS) or email (IMAPS) access.

The team of developers led by Simon Josefsson points out that SSL 2.0 is regarded as insecure by experts, and that the TLS 1.0 or SSL 3.0 implementations of the standard are recommended for applications. For this reason, GnuTLS does not support SSL 2.0 mode, says the project. The new TLS 1.2 standard is not approved as RFC 4346, however, GnuTLS does implement a pre-release version.

GnuTLS which is released under the LGPLv2 is regarded as an alternative to OpenSSL, which is released under the Apache License. Some developers see a legal issue in linking GPL-licensed applications with a library that is released under the Apache License.